package com.example.controller;

import com.demo.utils.ResultUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * ArticleController有两个示例接口：访问 /article/delete 需要 admin 角色；访问 /article/read 需要 article:read 权限。
 */
@RestController
@RequestMapping("/article")
public class ArticleController {

    @GetMapping("/delete")
    @RequiresRoles(value = { "admin" })
    public Object deleteArticle() {
        return ResultUtils.success();
    }

    @GetMapping("/read")
    @RequiresPermissions(value = { "article:read" })
    public Object readArticle() {
        return ResultUtils.success();
    }

}